Hi

WNDR3700V2  openwrt r29611

i cant find what i need to regulate my traffic in the network

i need block all end alow only  ports   80, 443, 53    ( this done)

in the same time i like to forward all trafic blocked to a VPN interface

i have a old Router netopia 3386 there have a option called force routing in the filterset , Can anyone help me find something similar to this?

network

config interface lan
    option ifname    eth0.1
    option type    bridge
    option proto    static
    option ipaddr    192.168.1.1
    option netmask    255.255.255.0

config interface wan
    option ifname    eth1
    option proto    dhcp

config 'interface' 'pptp'
    option 'proto' 'pptp'
    option 'server' '1.1.1.1'
    option 'username' 'xxxxxxx'
    option 'password' 'yyyyyyyy'
    option 'defaultroute' '0'

firewall

config 'rule'
    option 'target' 'ACCEPT'
    option '_name' 'DNS'
    option 'src' 'lan'
    option 'proto' 'udp'
    option 'dest_port' '53'
    option 'dest' 'WAN'
    option 'family' 'ipv4'

config 'rule'
    option 'target' 'ACCEPT'
    option '_name' 'http'
    option 'src' 'lan'
    option 'dest' 'WAN'
    option 'proto' 'tcp'
    option 'dest_port' '80'
    option 'family' 'ipv4'

config 'rule'
    option 'target' 'ACCEPT'
    option '_name' 'https'
    option 'src' 'lan'
    option 'proto' 'tcp'
    option 'dest_port' '443'
    option 'dest' 'WAN'
    option 'family' 'ipv4'

config 'rule'
    option '_name' 'block'
    option 'src' 'lan'
    option 'dest' 'WAN'
    option 'proto' 'all'
    option 'target' 'REJECT'

config 'defaults'
    option 'input' 'ACCEPT'
    option 'forward' 'ACCEPT'
    option 'output' 'ACCEPT'
    option 'drop_invalid' '0'

config 'zone'
    option 'name' 'lan'
    option 'network' 'lan'
    option 'input' 'ACCEPT'
    option 'forward' 'ACCEPT'
    option 'output' 'ACCEPT'

config 'zone'
    option 'output' 'ACCEPT'
    option 'masq' '1'
    option 'mtu_fix' '1'
    option 'input' 'ACCEPT'
    option 'forward' 'ACCEPT'
    option 'name' 'PPTP'
    option 'network' 'pptp'

config 'include'
    option 'path' '/etc/firewall.user'

config 'zone'
    option 'input' 'ACCEPT'
    option 'output' 'ACCEPT'
    option 'name' 'WAN'
    option 'masq' '1'
    option 'mtu_fix' '1'
    option 'forward' 'ACCEPT'
    option 'network' 'wan'

config 'forwarding'
    option 'dest' 'PPTP'
    option 'src' 'lan'

config 'forwarding'
    option 'dest' 'WAN'
    option 'src' 'lan'

Thanks 

Daniel

(Last edited by puyooo on 27 Dec 2011, 09:35)